VYPR
Vendor

W3 Eden Inc.

Products
1
CVEs
8
Across products
8
Status
Private

Products

1

Recent CVEs

8
  • CVE-2021-34639HigAug 5, 2021
    risk 0.49cvss 7.5epss 0.01

    Authenticated File Upload in WordPress Download Manager <= 3.1.24 allows authenticated (Author+) users to upload files with a double extension, e.g. "payload.php.png" which is executable in some configurations. This issue affects: WordPress Download Manager version 3.1.24 and…

  • CVE-2021-34638MedAug 5, 2021
    risk 0.42cvss 6.5epss 0.01

    Authenticated Directory Traversal in WordPress Download Manager <= 3.1.24 allows authenticated (Contributor+) users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting Download template to a file containing…

  • CVE-2017-2217MedJul 7, 2017
    risk 0.40cvss 6.1epss 0.01

    Open redirect vulnerability in WordPress Download Manager prior to version 2.9.51 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

  • CVE-2017-2216MedJul 7, 2017
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting vulnerability in WordPress Download Manager prior to version 2.9.50 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2022-36288MedAug 23, 2022
    risk 0.35cvss 5.4epss 0.00

    Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.

  • CVE-2022-34658MedAug 23, 2022
    risk 0.35cvss 5.4epss 0.00

    Multiple Authenticated (contributor+) Persistent Cross-Site Scripting (XSS) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.

  • CVE-2022-34347MedAug 22, 2022
    risk 0.27cvss 4.2epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.

  • CVE-2024-32131May 17, 2024
    risk 0.00cvss epss 0.00

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc. Download Manager allows Functionality Bypass.This issue affects Download Manager: from n/a through 3.2.82.